CN109753808A - A kind of privacy compromise methods of risk assessment and device - Google Patents
- Publication number: CN109753808A
- Application number: CN201811377272.8A
- Authority: CN (China)
- Prior art keywords: permission, combination, application, susceptibility, privacy
- Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
- Landscapes: Storage Device Security (AREA)
Abstract
Embodiments of the present invention provide a privacy leakage risk assessment method and device. The method focuses on the case in which a third-party service provider obtains privacy information without the user's knowledge. By collecting and analyzing samples of user permission settings, the sensitivity of the privacy information managed by each permission is quantified, which makes the association between permissions and privacy clearer and allows a personalized permission management scheme to be customized for the user more accurately. The sensitivity of a permission is quantified from the difference between a malicious application set and a normal application set, with emphasis on the non-linear effect that permission combinations have on privacy leakage. By balancing service quality against privacy protection, the method can provide a system-wide permission management scheme that reduces the risk of privacy information leakage while still guaranteeing the user a high quality of service.
Description
Technical field
Embodiments of the present invention relate to the technical field of privacy risk assessment, and in particular to a privacy leakage risk assessment method and device.
Background technique
With the rapid spread of information services and the development of mobile Internet technologies, the use of intelligent terminals has permeated daily life. While enjoying the convenient services an intelligent terminal brings, users are also exposed to an increasingly serious risk of privacy information leakage. At present, the permission management mechanisms used by intelligent terminal operating systems (such as Android and iOS) control access rights on a per-application basis: only an application that has obtained the corresponding permission can read the user's private data. Because many applications on an intelligent terminal request excessive permissions, privacy information leakage events happen frequently. For the case of applications on an intelligent terminal requesting excessive permissions, several permission management methods exist at present:
(1) Context-based permission management, which manages an application's permissions according to the user's feedback on the application and the context in which it runs;
(2) Crowdsourcing-based permission management, which finds users with similar privacy expectations by asking users questions and recommends a permission allocation scheme by collaborative filtering.
A third-party service provider on an intelligent terminal can obtain privacy information without the user's knowledge. Because applications integrate third-party services (for example maps, advertising and payment), the protective effect of the permission management mechanism is reduced. Third-party services are packaged into the host application in the form of library files. These library files are binary files published by the service provider (SP); common file suffixes are .jar, .a, .so and .tdb. The same service may be packaged into multiple applications. Under the permission management mechanism in use today, the third-party service holds the same permissions as the host application, and the user cannot tell whether a permission is requested by the host application or by the third-party service provider. A third-party library is packaged into multiple applications, each of which requests a different set of permissions. When such applications are installed on the same intelligent terminal, the third-party service provider may obtain all sensitive permissions related to privacy information. From the permissions obtained, the third-party service provider can draw a complete user portrait and profit from it. Since the operating system does not tell the user whether a permission is being accessed by the host application or by a third party, the user cannot know whether granting a permission will cause privacy information leakage. None of the existing methods solves these problems, and none can guarantee a permission configuration scheme that reduces the risk of privacy information leakage while providing the user a high quality of service.
Summary of the invention
Embodiments of the present invention provide a privacy leakage risk assessment method and device that overcome, or at least partially solve, the above problems.
In a first aspect, an embodiment of the present invention provides a privacy leakage risk assessment method, comprising:
quantifying the user's sensitivity to the sensitive information managed by a permission as the revocation ratio of that permission, constructing common permission combinations, and obtaining the combination sensitivity of each common permission combination based on the sensitivity;
obtaining the difference between the ratio at which the common permission combination occurs in malicious applications and the ratio at which it occurs in normal applications, obtaining the combination non-linear sensitivity of the common permission combination based on the difference and the combination sensitivity, and obtaining, based on the combination non-linear sensitivity, the permission non-linear sensitivity of each permission in the permission-combination state;
obtaining the privacy leakage risk value of each service provider based on the permissions requested by that service provider in the installed applications and the permission non-linear sensitivity, and obtaining the overall privacy leakage risk value of the application based on the privacy leakage risk values of all service providers.
In a second aspect, an embodiment of the present invention provides a privacy leakage risk assessment device, comprising:
a sensitivity acquisition module, configured to quantify the user's sensitivity to the sensitive information managed by a permission as the revocation ratio of that permission, construct common permission combinations, and obtain the combination sensitivity of each common permission combination based on the sensitivity;
a non-linear sensitivity acquisition module, configured to obtain the difference between the ratio at which the common permission combination occurs in malicious applications and the ratio at which it occurs in normal applications, obtain the combination non-linear sensitivity of the common permission combination based on the difference and the combination sensitivity, and obtain, based on the combination non-linear sensitivity, the permission non-linear sensitivity of each permission in the permission-combination state;
an evaluation module, configured to obtain the privacy leakage risk value of each service provider based on the permissions requested by the service provider and the permission non-linear sensitivity, and to obtain the overall privacy leakage risk value of the application based on the privacy leakage risk values of all service providers in the application.
In a third aspect, an embodiment of the present invention provides an electronic device comprising a memory, a processor, and a computer program stored in the memory and runnable on the processor, wherein the processor, when executing the program, implements the steps of the method provided in the first aspect.
In a fourth aspect, an embodiment of the present invention provides a non-transitory computer-readable storage medium on which a computer program is stored, wherein the computer program, when executed by a processor, implements the steps of the method provided in the first aspect.
The privacy leakage risk assessment method and device proposed by the embodiments of the present invention focus on the case in which a third-party service provider obtains privacy information without the user's knowledge. Samples of user permission settings are collected and analyzed to quantify the sensitivity of the privacy information managed by each permission, which makes the association between permissions and privacy clearer and so allows a personalized permission management scheme to be customized for the user more accurately. Permission sensitivity is quantified from the difference between the malicious application set and the normal application set, with emphasis on the non-linear effect of permission combinations on privacy leakage. Balancing service quality and privacy protection, the method can provide a system-wide permission management scheme that reduces the risk of privacy information leakage while guaranteeing the user a high quality of service.
Detailed description of the invention
In order to explain the technical solutions of the embodiments of the present invention, or of the prior art, more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic diagram of the privacy leakage risk assessment method according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of a specific application of the privacy leakage risk assessment method according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of the privacy leakage risk assessment device according to an embodiment of the present invention;
Fig. 4 is a schematic diagram of the physical structure of an electronic device according to an embodiment of the present invention.
Specific embodiment
In order to make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments are described clearly and completely below with reference to the drawings. Obviously, the embodiments described are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art from these embodiments without creative effort fall within the protection scope of the present invention.
Because applications integrate third-party services (for example maps, advertising and payment), the protective effect of the permission management mechanism is reduced. Third-party services are packaged into the host application in the form of library files. These library files are binary files published by the service provider; common file suffixes are .jar, .a, .so and .tdb. The same service may be packaged into multiple applications, and under the current permission management mechanism it holds the same permissions as the host application, while the user cannot tell whether a permission is requested by the host application or by a third-party service provider. A third-party library is packaged into multiple applications, each of which requests a different set of permissions. If these applications are installed on the same intelligent terminal, the third-party service provider may obtain all sensitive permissions related to privacy information. From these permissions the third-party service provider can draw a complete user portrait and profit from it.
Because the operating system does not tell the user whether a permission is being accessed by the host application or by a third party, the user cannot know whether granting a permission will cause privacy information leakage. None of the existing methods solves these problems, and none can provide a permission configuration scheme that reduces the risk of privacy information leakage while guaranteeing the user a high quality of service. Therefore the embodiments of the present invention focus on the case in which a third-party service provider obtains privacy information without the user's knowledge: they quantify the sensitivity of the privacy information managed by each permission, which makes the association between permissions and privacy clearer and allows a personalized permission management scheme to be customized for the user more accurately; they quantify permission sensitivity from the difference between the malicious application set and the normal application set, with emphasis on the non-linear effect of permission combinations on privacy leakage; and they balance service quality against privacy protection. This is explained in detail through the embodiments below.
Fig. 1 shows a privacy leakage risk assessment method provided by an embodiment of the present invention, comprising:
S1: quantifying the user's sensitivity to the sensitive information managed by a permission as the revocation ratio of that permission, constructing common permission combinations, and obtaining the combination sensitivity of each common permission combination based on the sensitivity;
S2: obtaining the difference between the ratio at which the common permission combination occurs in malicious applications and the ratio at which it occurs in normal applications, obtaining the combination non-linear sensitivity of the common permission combination based on the difference and the combination sensitivity, and obtaining, based on the combination non-linear sensitivity, the permission non-linear sensitivity of each permission in the permission-combination state;
S3: obtaining the privacy leakage risk value of each service provider based on the permissions requested by the service provider and the permission non-linear sensitivity, and obtaining the overall privacy leakage risk value of the application based on the privacy leakage risk values of all service providers in the application.
This embodiment focuses on the case in which a third-party service provider obtains privacy information without the user's knowledge. By collecting and analyzing samples of user permission settings, the sensitivity of the privacy information managed by each permission is quantified, which makes the association between permissions and privacy clearer and allows a personalized permission management scheme to be customized for the user more accurately. Permission sensitivity is quantified from the difference between the malicious application set and the normal application set, with emphasis on the non-linear effect of permission combinations on privacy leakage, so that service quality and privacy protection are balanced.
Specifically, in this embodiment, sensitivity reflects how much the user values the privacy information managed by a permission. Within the set of sensitive permissions related to user privacy, the higher a permission's sensitivity, the more the user values it, and the more likely it is to be revoked. Therefore the revocation ratio of a permission can be used to express its sensitivity. Samples of user permission settings are collected and analyzed, and the ratio at which users grant or revoke each permission is counted. The revocation ratio of a permission lies between 0 and 1; to simplify the subsequent calculation of the non-linear effect of permission combinations, step S1 maps the sensitivity onto [1, +∞).
The sensitivity obtained from the revocation ratio reflects only the effect of a single permission. In an actual application, however, permissions are usually requested in combination with other permissions, so the sensitivity of each permission within a combination must be considered, and from that the influence of the application's permission combinations on privacy leakage risk. In this embodiment, the non-linear sensitivity of a permission is therefore calculated from the non-linear effect that permission combinations have on sensitivity.
Specifically, in step S2 of this embodiment, the normal application set is the set of applications whose requested permissions are consistent with their actual functionality, and the malicious application set is the set of applications that request more than a set number of sensitive permissions, where a sensitive permission is a permission related to user privacy information.
Specifically, permissions of the Dangerous Permission type in the Android system can be selected as the sensitive permissions.
The non-linear effect of a permission combination arises from the difference in permission requests between the two sets. The greater the difference between the number of times a permission is requested in the malicious application set and in the normal application set, the more seriously the permission is abused and the greater the non-linear effect on its sensitivity. The sensitivity of a permission combination is obtained by summing the sensitivities of all permissions in the combination.
In step S3, all service providers contained in the applications installed by the user are identified, and the list of permissions requested by each service provider is compiled. The permission non-linear sensitivities of the permissions in the list are summed to give the privacy leakage risk value of the service provider. The privacy leakage risk values of all service providers are summed to give the overall privacy leakage risk value of the application.
In this embodiment, as a preferred embodiment, the application may be an App on Android or iOS.
On the basis of the above embodiment, before quantifying the user's sensitivity to the sensitive information managed by a permission as the revocation ratio, the method further comprises:
identifying the dynamic libraries of service providers in the application by a feature extraction method, and filtering out all service providers that can obtain permissions through them.
In this embodiment, the dynamic libraries developed by service providers are identified accurately by feature extraction (for example URL strings and the network communication interfaces used). After the third-party library developed by a service provider is identified, the library file is analyzed by a combination of static and dynamic analysis to judge whether the user's private data leaks to an external server. Since a third-party library may carry out some privacy-invading behaviour by dynamically loading jar files, and such behaviour can only be recognized at run time, the service provider is judged able to obtain the privacy information associated with a permission as soon as the user grants that permission. In addition, the host application is treated as an independent service provider. The service provider identification method of this embodiment may be used in step S3 of the above embodiment.
On the basis of the above embodiments, constructing the common permission combinations specifically comprises:
collecting a normal application set and a malicious application set, wherein the normal application set is the set of applications whose requested permissions are consistent with their actual functionality, the malicious application set is the set of applications that request more than a set number of sensitive permissions, and a sensitive permission is a permission related to user privacy information;
mining common permission combinations from the permission combinations requested by each application in the normal application set and in the malicious application set using an association rule method, and calculating the support of each permission combination, the support being the ratio at which the permission combination occurs in the normal application set or in the malicious application set;
selecting the permission combinations whose support is greater than a preset first threshold as the common permission combinations.
Specifically, permissions of the Dangerous Permission type in the Android system can be selected as the sensitive permissions.
In this embodiment, a normal application set and a malicious application set are collected and analyzed. Specifically, the normal application set consists of the top several applications of each category in the application market. Because their download counts are large, they attract more attention with respect to obtaining privacy information, and the permissions they request are relatively consistent with their actual functionality, so they are selected as the normal application set. The malicious application set consists of the several applications in the application market that request the most sensitive permissions. Both sets may be chosen either by selecting a fixed number of applications or by selecting a proportion. The more permissions an application requests and the lower it ranks, the more serious its infringement of user privacy, so it is selected into the malicious set.
The non-linear effect of a permission combination arises from the difference in permission requests between the above two sets. The greater the difference between the number of times a permission is requested in the malicious application set and in the normal application set, the more seriously the permission is abused and the greater the non-linear effect on its sensitivity. The sensitivity of a permission combination is obtained by summing the sensitivities of all permissions in the combination.
Common permission combinations are mined from the permissions requested by the applications in the normal application set and the malicious application set using an association rule method, and the support of each permission combination is calculated, support meaning the ratio at which the permission combination occurs in the corresponding application set. A minimum preset first threshold is set before the association rule method is executed; a permission combination whose support is below the preset first threshold is ignored. The sensitivity of a permission combination is obtained by summing the sensitivities of all permissions in the combination.
After the association rule method has been run on each of the two sets, the set of common permission combinations of the normal applications and the set of common permission combinations of the malicious applications are obtained. For each of these common permission combinations, the difference Diff between its support in the malicious application set and its support in the normal application set is calculated.
When Diff > 0, the support of the normal application set for the permission combination is less than that of the malicious application set, and the combination is considered to be abused in the malicious application set. When Diff ≤ 0, the support of the normal application set for the combination is not less than that of the malicious application set, and the combination is considered not to be abused.
The combination non-linear sensitivity is calculated from the difference Diff and the sensitivity of the permission combination, where the sensitivity of a permission combination is the sum of the sensitivities of all permissions in the combination.
The combination non-linear sensitivity Diff' of a permission combination is calculated as follows:
(1) when Diff > 0, Diff' = Sensitivity × (1 − log(1 − Diff)); that is, the logarithmic function maps Diff onto the range from 1 to positive infinity, and after multiplying by the combination sensitivity Sensitivity the range of the final Diff' is from Sensitivity to positive infinity;
(2) when Diff ≤ 0, Diff' = 0.
On the basis of the above embodiments, obtaining the combination sensitivity of a common permission combination based on the sensitivity specifically comprises:
summing the sensitivity of each permission in the common permission combination to obtain the permission combination sensitivity of that common permission combination.
On the basis of the above embodiments, obtaining the permission non-linear sensitivity of each permission in the permission-combination state based on the combination non-linear sensitivity specifically comprises:
in each common permission combination, distributing the combination non-linear sensitivity to the corresponding permissions according to the weight each permission holds in the common permission combination, to obtain the in-combination non-linear sensitivity of each permission;
the weights are calculated as follows: for each permission P in a permission combination A, a weight is assigned according to its importance; (A − P) denotes the remaining combination after P is removed from A, and the contribution of permission P to combination A is the lift of P with respect to (A − P). Lift is a concept from association rule algorithms that expresses the correlation between P and (A − P): the greater the correlation, the greater the contribution of P to (A − P), and the greater the weight of P in A;
taking the average of the in-combination non-linear sensitivities of a permission over all the permission combinations it belongs to as the permission non-linear sensitivity of that permission.
In this embodiment, the weight of each permission in a permission combination is calculated, and the combination non-linear sensitivity of the combination is distributed by weight to each permission it contains. The average of a permission's non-linear sensitivity over all the permission combinations it belongs to is taken as the non-linear sensitivity of that permission.
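The following Python is an added worked example, not code from the patent: it carries steps S1 and S2 through on constructed normal and malicious application sets, computing Diff, the combination non-linear sensitivity Diff' and the lift-weighted per-permission non-linear sensitivity. Assumptions the page does not fix: the mapping from revocation ratio r onto [1, +∞) is 1/(1 − r), log is the natural logarithm, lift is computed over the malicious application set, and exhaustive itemset enumeration stands in for the association rule (Apriori-style) mining.

```python
"""Added worked example (not the patent's own code) of steps S1 and S2: mapping
revocation ratios to sensitivities, mining common permission combinations,
computing the combination non-linear sensitivity Diff' and distributing it to
permissions by lift weight.

Assumptions (the page does not fix them): sensitivity = 1 / (1 - r) maps the
revocation ratio r in [0, 1) onto [1, +inf); the natural logarithm is used in
Diff'; lift is computed over the malicious application set; exhaustive itemset
enumeration stands in for the Apriori-style association rule mining."""
from itertools import combinations
from math import log

# Constructed sample data: fraction of sampled users who revoked each permission.
REVOCATION = {"SMS": 0.5, "LOC": 0.75, "CONTACTS": 0.5, "CAMERA": 0.2, "MIC": 0.0}

# Constructed application sets; each application is the set of permissions it requests.
NORMAL = [
    {"LOC", "CAMERA"}, {"LOC", "CAMERA", "MIC"}, {"LOC", "CAMERA"},
    {"CONTACTS"}, {"MIC"},
]
MALICIOUS = [
    {"SMS", "LOC", "CONTACTS"}, {"SMS", "LOC", "CONTACTS"},
    {"SMS", "LOC", "CONTACTS", "CAMERA"}, {"SMS", "CONTACTS"},
    {"LOC", "CAMERA", "MIC"},
]
MIN_SUPPORT = 0.4  # preset first threshold: keep combinations with support > 0.4


def sensitivity(revocation_ratio):
    """Step S1 (assumed mapping): revocation ratio in [0, 1) -> sensitivity in [1, +inf)."""
    return 1.0 / (1.0 - revocation_ratio)


def support(combo, apps):
    """Ratio of applications in `apps` that request every permission in `combo`."""
    return sum(1 for app in apps if combo <= app) / len(apps)


def common_combinations(apps, min_support, max_size=3):
    """Permission combinations (2..max_size permissions) whose support exceeds the threshold."""
    items = sorted(set().union(*apps))
    return [frozenset(c) for k in range(2, max_size + 1)
            for c in combinations(items, k) if support(frozenset(c), apps) > min_support]


def nonlinear_factor(diff):
    """Maps Diff = support_malicious - support_normal onto [1, +inf); 0 when not abused."""
    if diff <= 0:
        return 0.0            # Diff <= 0: the combination is not abused
    if diff >= 1.0:
        return float("inf")   # edge case: log(0) is undefined; the page's range ends at +inf
    return 1.0 - log(1.0 - diff)


def combination_nonlinear_sensitivity(combo):
    """Diff' = Sensitivity * (1 - log(1 - Diff)), Sensitivity being the summed sensitivities."""
    diff = support(combo, MALICIOUS) - support(combo, NORMAL)
    combo_sensitivity = sum(sensitivity(REVOCATION[p]) for p in combo)
    return combo_sensitivity * nonlinear_factor(diff)


def lift(permission, combo, apps):
    """Lift of P with respect to (A - P): support(A) / (support(P) * support(A - P))."""
    rest = combo - {permission}
    return support(combo, apps) / (support({permission}, apps) * support(rest, apps))


def permission_nonlinear_sensitivity():
    """Distribute each Diff' to its permissions by lift weight, then average per permission."""
    combos = set(common_combinations(NORMAL, MIN_SUPPORT)) | set(common_combinations(MALICIOUS, MIN_SUPPORT))
    shares = {p: [] for p in REVOCATION}
    for combo in combos:
        diff_prime = combination_nonlinear_sensitivity(combo)
        if diff_prime == 0.0:
            # Nothing to distribute; skipping the lift also avoids dividing by a
            # zero support when the combination never occurs in the malicious set.
            for p in combo:
                shares[p].append(0.0)
            continue
        lifts = {p: lift(p, combo, MALICIOUS) for p in combo}
        total = sum(lifts.values())
        for p in combo:
            shares[p].append(diff_prime * lifts[p] / total)
    # A permission that occurs in no common combination gets 0 (assumption).
    return {p: (sum(v) / len(v) if v else 0.0) for p, v in shares.items()}


if __name__ == "__main__":
    for permission, value in sorted(permission_nonlinear_sensitivity().items()):
        print(f"{permission:9s} non-linear sensitivity = {value:.3f}")
```

In the constructed data the triple {SMS, LOC, CONTACTS} is abused (Diff = 0.6), and its Diff' is split 4:3:4 between the three permissions by lift, so the per-permission averages differ from a plain sum of the single-permission sensitivities.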
On the basis of the above embodiments, after obtaining the overall privacy leakage risk value of the application, the method further comprises:
taking, for each permission of an installed application, the ratio of the number of times the permission is revoked among similar applications as the permission service quality loss value; summing the permission service quality loss values of all revoked permissions of the installed application to obtain the application service quality loss value; and summing the service quality loss values of all applications to obtain the system service quality loss value.
In this embodiment, permission management must take the availability of the application into account. For a given application, the more permissions are revoked, the lower the privacy leakage risk, but the lower the service quality as well. In the extreme case where all permissions are revoked, the privacy leakage risk is minimal but the application's normal functions cannot be used. The availability of an application is related to the user's subjective understanding, and the trend can be seen in users' permission settings for similar applications. For example, if 80% of users revoke the location permission for social applications, the service quality loss after revoking it is small for that category; if no user revokes the location permission for map applications, the service quality loss after revoking it is very large for that category.
Therefore, the ratio of the number of times a permission is revoked among similar applications is taken as the service quality loss value of that permission. Summing the service quality loss values of all revoked permissions of an application gives the application's service quality loss. The overall service quality loss of the applications is the sum of the service quality losses of all applications.
On the basis of the above embodiments, after obtaining the overall privacy leakage risk value of the application, the method further comprises:
setting constraint conditions: the system service quality loss value does not exceed a preset second threshold, and the difference between the maximum and minimum application service quality loss values is less than a preset third threshold;
configuring the optimal permission allocation scheme based on the constraint conditions.
In this embodiment, reducing the permissions obtained by a service provider reduces the possibility of non-linear growth in privacy risk caused by permission combinations and reduces the risk of the user's overall privacy information leaking to that service provider; at the same time, reducing the permissions it obtains also reduces the service quality of its application. All the permission configurations that can occur form the permission configuration space Γ. Within the permission configuration space Γ of all applications in the system, a scheme that balances privacy leakage risk against application service quality is found and sent to the client. Different permission configurations for the different applications in the system give different system privacy information leakage risks and service quality losses. Therefore, for the permission configuration space Γ of all applications in the system, the optimization objective is to search Γ for the optimal allocation scheme, i.e. the allocation scheme that, subject to certain constraint conditions, reduces the system privacy leakage risk value the most.
The constraint conditions are two: (1) the system service quality loss value does not exceed the preset second threshold; (2) the difference between the maximum and minimum single-application service quality loss values is less than the preset third threshold.
In summary, common permission combinations are mined by an association rule algorithm, i.e. the frequent itemsets of requested permissions mined in the malicious application set by the association rule algorithm are taken as the common permission combinations; the difference in support of each permission combination between the malicious application set and the normal application set is calculated to quantify the influence of the permission combination on sensitivity; the service providers contained in the system are identified, and a model is built to assess the privacy information leakage risk of the system as a whole. A balance analysis between the overall service quality of the applications and privacy protection is then made, an optimization model is built, and the system-wide permission management scheme is computed.
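The following Python is an added worked example, not code from the patent, of step S3 and the constrained search over Γ described above: it aggregates per-service-provider risk across the installed applications, computes application and system service quality losses, and enumerates every permission configuration to find the one with the lowest system risk under the two constraints. The permission non-linear sensitivities, the installed applications, the service providers packaged in each one and the per-permission service quality loss values are constructed inputs; it is assumed that a service provider packaged into several applications holds the union of the permissions it can reach through them, and the host application counts as a service provider.

```python
"""Added worked example (not the patent's own code): step S3 risk aggregation per
service provider and the constrained search over the permission configuration
space Γ.

Assumptions: all inputs below are constructed; a service provider packaged into
several applications holds the union of the permissions it reaches through them;
the host application is itself counted as a service provider."""
from itertools import combinations, product
from typing import Dict, FrozenSet, NamedTuple, Optional

Config = Dict[str, FrozenSet[str]]  # application -> permissions left granted

# Constructed permission non-linear sensitivities (the output of steps S1/S2).
SENSITIVITY = {"SMS": 5.5, "LOC": 3.9, "CONTACTS": 5.5, "CAMERA": 1.0}

# Constructed: service providers packaged in each installed application and the
# permissions each one requests ("host:" entries are the host applications).
SP_IN_APP = {
    "navigation": {"host:navigation": {"LOC"}, "sp:maps": {"LOC"},
                   "sp:ads": {"LOC", "CONTACTS"}},
    "shopping": {"host:shopping": {"CAMERA", "LOC", "SMS"},
                 "sp:ads": {"LOC", "CAMERA"}, "sp:pay": {"SMS"}},
    "social": {"host:social": {"CONTACTS", "CAMERA", "LOC"},
               "sp:ads": {"LOC", "CONTACTS"}},
}

# Constructed per-permission service quality loss values (the page derives them
# from revocation ratios among similar applications); the keys are the
# permissions each application holds when nothing is revoked.
QOS_LOSS = {
    "navigation": {"LOC": 0.9},
    "shopping": {"CAMERA": 0.3, "LOC": 0.4, "SMS": 0.5},
    "social": {"CONTACTS": 0.6, "CAMERA": 0.5, "LOC": 0.2},
}
FULL_GRANT: Config = {app: frozenset(perms) for app, perms in QOS_LOSS.items()}


def sp_permissions(config: Config) -> Dict[str, set]:
    """Permissions each service provider can obtain across all installed applications."""
    held: Dict[str, set] = {}
    for app, granted in config.items():
        for sp, requested in SP_IN_APP[app].items():
            held.setdefault(sp, set()).update(granted & requested)
    return held


def sp_risk(config: Config) -> Dict[str, float]:
    """Privacy leakage risk value of each service provider: its summed sensitivities."""
    return {sp: sum(SENSITIVITY[p] for p in perms)
            for sp, perms in sp_permissions(config).items()}


def system_risk(config: Config) -> float:
    """Overall risk: sum of all service providers' risk values."""
    return sum(sp_risk(config).values())


def app_qos_loss(app: str, granted: FrozenSet[str]) -> float:
    """Application service quality loss: summed loss values of its revoked permissions."""
    return sum(loss for p, loss in QOS_LOSS[app].items() if p not in granted)


def feasible(config: Config, max_system_loss: float, max_spread: float) -> bool:
    """Constraint (1): system loss <= second threshold; (2): max-min app loss < third threshold."""
    losses = [app_qos_loss(app, granted) for app, granted in config.items()]
    return sum(losses) <= max_system_loss and (max(losses) - min(losses)) < max_spread


def configuration_space():
    """Γ: every combination of per-application permission subsets (2^n configurations)."""
    apps = list(QOS_LOSS)
    per_app = [[frozenset(s) for k in range(len(QOS_LOSS[a]) + 1)
                for s in combinations(sorted(QOS_LOSS[a]), k)] for a in apps]
    for choice in product(*per_app):
        yield dict(zip(apps, choice))


class Result(NamedTuple):
    risk: float
    qos_loss: float
    config: Config


def optimal_configuration(max_system_loss: float, max_spread: float) -> Optional[Result]:
    """Feasible configuration with the lowest system risk (lower QoS loss breaks ties)."""
    best: Optional[Result] = None
    for config in configuration_space():
        if not feasible(config, max_system_loss, max_spread):
            continue
        cand = Result(system_risk(config),
                      sum(app_qos_loss(a, g) for a, g in config.items()), config)
        if best is None or (round(cand.risk, 9), round(cand.qos_loss, 9)) < \
                (round(best.risk, 9), round(best.qos_loss, 9)):
            best = cand
    return best


if __name__ == "__main__":
    print("system risk with nothing revoked:", system_risk(FULL_GRANT))
    best = optimal_configuration(max_system_loss=1.5, max_spread=0.7)
    if best is None:
        print("no configuration satisfies the constraints")
    else:
        for app, granted in best.config.items():
            print(f"{app}: revoke {sorted(set(QOS_LOSS[app]) - granted)}")
        print(f"system risk {best.risk:.1f}, service quality loss {best.qos_loss:.2f}")
```

With the thresholds in the usage block, the search revokes SMS in the shopping application and CONTACTS in the social application, cutting system risk from 44.5 to 22.5; the navigation application keeps its location permission because revoking it would violate the fairness constraint on per-application loss.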
On the basis of the embodiments described above, an intelligent terminal in a real Android environment is taken as an example. As shown in Fig. 2, the procedure comprises the concrete client operation steps and the server workflow.
The client operation steps are:
Step 101: the client installed on the intelligent terminal reads the terminal's application list (for example navigation, weather, payment, shopping, discussion-board, sharing, forum, take-out, audio-visual, download and social applications), the version number of each application and the permissions granted to it (send/receive SMS, geographic positioning, read terminal state, make phone calls, read terminal external storage state, read/write contacts, use camera, record audio, open/close WiFi, open/close Bluetooth), sends the information read to the server, and waits for a reply.
Step 102: after the client receives the reply, it displays the risk assessment result and the computed optimal permission management scheme on the client terminal interface.
The server workflow is divided into two stages: a preparation stage and a service stage.
Step 20: operation steps of the server preparation stage:
Step 201: identify all service providers contained in the applications on the application market.
Feature extraction (for example URL strings, or the network communication interfaces used) is applied to accurately identify the dynamic libraries developed by each service provider. During identification, the same service provider may publish both an open-source dynamic library and a binary dynamic library. These libraries serve different purposes but share the same module-name prefix. For example, the two modules "com.google.ads" and "com.google.protobuf" may be detected: the former is an advertising library bundled into the host application in binary form, while the latter is a dynamic library compiled from an open-source project and should be ignored. Without any permission being revoked, the user's intelligent terminal contained 67 service providers in total; the service provider obtaining the most permissions from the user obtained 19, the service provider obtaining the fewest obtained 2 on average, and each service provider obtained 11 permissions from the user on average.
Step 202: collect and analyse user permission-setting samples and quantify the sensitivity of the privacy information managed by each permission.
Sensitivity reflects how much users value the privacy information managed by a permission. On users' intelligent terminals, the permissions revoked most often are: send/receive SMS, geographic positioning, read terminal state, make phone calls, read terminal external storage state and read/write contacts. This shows that users value these permissions more, and that a permission with higher sensitivity is more likely to be revoked. The ratio at which a permission is revoked is therefore used to represent its sensitivity. User permission-setting samples are collected and analysed, the ratio of users granting/revoking each permission is counted, and the ratio is mapped onto [1, +∞).
Step 203: collect application sets and compute the nonlinear effect of permission combinations on sensitivity.
In this embodiment, 2,089,169 applications were obtained from the official application store, where they are divided into 39 classes. The top 50 applications of each class were chosen as the normal application set, 1950 applications in total. Several sets of applications using the most sensitive permissions were chosen as the malicious application set, 2000 malicious privacy-invading applications in total. The details are given in Table 1 below.
Table 1: statistics of the number of permissions used by applications
The nonlinear effect of a permission combination arises from the difference in permission requests between the two sets. If the number of applications requesting permissions such as send/receive SMS, read terminal state or make phone calls differs greatly between the malicious application set and the normal application set, these permissions are abused more seriously than others, and the nonlinear effect on their sensitivity is larger. The combination sensitivity of a permission combination is obtained by summing the sensitivities of all permissions in the combination.
The support of each permission combination is computed with an association rule algorithm over the permissions requested by the applications in the normal application set and the malicious application set. The lower the minimum support, the more permission combinations appear. In this embodiment the minimum support threshold is set to 0.775, and all permission combinations whose support is below 0.775 are ignored.
The weight of each permission within a permission combination is computed, and the combination nonlinear sensitivity of the permission combination is distributed to each permission it contains according to that weight.
The average of a permission's nonlinear sensitivity over all permission combinations is taken as the permission's nonlinear sensitivity quantised value. The sensitivity and nonlinear sensitivity quantised values of the eight most sensitive permissions on the intelligent terminal are shown in Table 2 below.
Table 2: sensitivity quantised values
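As an added illustration (not the patent's own code), the following Python script walks steps 202, 203 and 301 on a constructed five-permission sample: revocation ratios become base sensitivities, frequent permission combinations are mined in the malicious set, the support gap against the normal set scales each combination's summed sensitivity, the result is distributed to the member permissions and averaged, and each service provider's risk value is the sum over the permissions it holds. The mapping 1/(1 - r) onto [1, +∞), the multiplicative use of the support gap, the sensitivity-share weights and the fallback for permissions outside any frequent combination are assumptions the patent leaves open.

```python
from itertools import combinations
from statistics import mean

PERMISSIONS = ["SEND_SMS", "LOCATION", "CAMERA", "CONTACTS", "WIFI"]

# Step 202 input (constructed): of 20 sampled users, how many revoked each permission.
REVOCATION_SAMPLES = {
    "SEND_SMS": (10, 20), "LOCATION": (12, 20), "CAMERA": (4, 20),
    "CONTACTS": (15, 20), "WIFI": (0, 20),
}

# Step 203 input (constructed): permission sets of malicious and normal applications.
MALICIOUS_APPS = [
    {"SEND_SMS", "LOCATION", "CONTACTS"},
    {"SEND_SMS", "LOCATION", "CAMERA"},
    {"SEND_SMS", "CONTACTS", "LOCATION"},
    {"SEND_SMS", "LOCATION", "CONTACTS", "WIFI"},
]
NORMAL_APPS = [
    {"SEND_SMS", "LOCATION", "WIFI"},
    {"CAMERA", "WIFI"},
    {"SEND_SMS", "LOCATION"},
    {"LOCATION", "CAMERA"},
]

# Step 301 input (constructed): permissions held by each identified service provider.
PROVIDER_PERMISSIONS = {
    "nav_sdk": ["LOCATION", "WIFI"],
    "pay_sdk": ["CAMERA", "SEND_SMS"],
    "ads_sdk": ["LOCATION", "CONTACTS", "SEND_SMS"],
}

MIN_SUPPORT = 0.75  # the patent's embodiment uses 0.775; 0.75 suits this four-app sample


def base_sensitivity(revoked, total):
    """Step 202: revocation ratio r mapped onto [1, +inf).

    The patent only states that the ratio is mapped onto [1, +inf); 1/(1 - r) is an
    assumed mapping with that range (r = 0 -> 1.0, r -> 1 grows without bound)."""
    r = revoked / total
    if not 0.0 <= r < 1.0:
        raise ValueError("revocation ratio must lie in [0, 1)")
    return 1.0 / (1.0 - r)


def support(itemset, apps):
    """Share of applications whose permission set contains every permission of itemset."""
    return sum(1 for app in apps if itemset <= app) / len(apps)


def frequent_combinations(apps, min_support, min_size=2):
    """Frequent permission itemsets of size >= 2 in apps (brute force over the permissions
    seen in apps; stands in for the association rule miner the patent names)."""
    universe = sorted(set().union(*apps))
    found = {}
    for size in range(min_size, len(universe) + 1):
        for combo in combinations(universe, size):
            s = support(frozenset(combo), apps)
            if s >= min_support:
                found[frozenset(combo)] = s
    return found


def nonlinear_sensitivity(base, malicious, normal, min_support):
    """Step 203: nonlinear sensitivity of every permission in base."""
    contributions = {p: [] for p in base}
    for combo, mal_support in frequent_combinations(malicious, min_support).items():
        diff = mal_support - support(combo, normal)   # abuse gap between the two sets
        combo_sens = sum(base[p] for p in combo)      # combination sensitivity (sum)
        # Assumed form: the support gap scales the summed combination sensitivity.
        combo_nonlinear = combo_sens * (1.0 + max(diff, 0.0))
        for p in combo:
            weight = base[p] / combo_sens             # assumed weight: sensitivity share
            contributions[p].append(combo_nonlinear * weight)
    # Average over every combination the permission appears in; a permission outside
    # every frequent combination keeps its base sensitivity (assumption).
    return {p: (mean(c) if c else base[p]) for p, c in contributions.items()}


def provider_risks(provider_permissions, nl_sens):
    """Step 301: a provider's risk value is the sum of the nonlinear sensitivities it holds."""
    return {sp: sum(nl_sens[p] for p in perms) for sp, perms in provider_permissions.items()}


def run():
    """Full pipeline; returns (base sensitivities, nonlinear sensitivities, provider risks, total)."""
    base = {p: base_sensitivity(*REVOCATION_SAMPLES[p]) for p in PERMISSIONS}
    nl = nonlinear_sensitivity(base, MALICIOUS_APPS, NORMAL_APPS, MIN_SUPPORT)
    risks = provider_risks(PROVIDER_PERMISSIONS, nl)
    return base, nl, risks, sum(risks.values())


if __name__ == "__main__":
    base, nl, risks, total = run()
    for p in PERMISSIONS:
        print(f"{p:9s} base={base[p]:.3f} nonlinear={nl[p]:.3f}")
    for sp, r in risks.items():
        print(f"{sp}: {r:.2f}")
    print(f"overall privacy-leakage risk value: {total:.2f}")
```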
Step 30: operation steps of the server service stage:
Step 301: identify the service providers in the application list, count the permissions each service provider possesses, and assess the privacy leakage risk of the system.
According to the applications installed by the user, all service providers contained in the applications are identified as in step 201. The permission list of each service provider is compiled (navigation application: geographic positioning, open/close WiFi, etc.; weather application: geographic positioning, send/receive SMS, etc.; payment application: use camera, send/receive SMS, etc.). The nonlinear sensitivities of the permissions in each list are summed to give the risk value of privacy information leaking to that service provider (navigation application: 21.25, payment application: 15.9, shopping application: 14.34, weather application: 8.76). The privacy leakage risk values of all service providers are summed to give the overall privacy leakage risk value of the applications; the risk value of the present terminal is 102.74, and the assessment result is that the privacy leakage risk is high.
Step 302: compute application service quality loss values from the user permission-setting samples.
Permission management must take the usability of applications into account. For a given application, the more permissions are revoked, the lower the privacy leakage risk, but the lower the service quality as well. In the extreme case where all permissions are revoked, the privacy leakage risk is minimal, but the application's normal functions become unusable. In the permission list sent by the terminal, positioning, use camera and open/close WiFi are requested most often, which indicates that revoking these permissions causes the most serious loss of service quality for the user; read terminal state, read terminal external storage state and read/write contacts are requested least often, which indicates that revoking them causes the slightest loss of application service quality for the user.
Therefore, the ratio at which a permission is revoked in similar applications is used as the permission service quality loss value of that permission. Summing the permission service quality loss values of all revoked permissions of an application gives the application service quality loss value. The overall service quality loss of the applications is the sum of the service quality losses of all applications, i.e. the application service quality loss values are summed to obtain the system service quality loss value.
Step 303: compute the permission configuration scheme and feed the result back to the client.
For a service provider, reducing the permissions it obtains breaks permission combinations and removes the possibility of nonlinear growth in privacy risk, thereby lowering the risk of the user's overall privacy information leaking to the service provider. The optimal permission configuration of the terminal computed by the server is shown in Table 3 below.
Table 3: optimal permission configuration of the intelligent terminal
The privacy leakage risk assessment result from step 301 is sent to the user's intelligent client terminal together with the optimal permission configuration scheme.
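The constrained search of step 303 (and the target stated earlier for the configuration space Γ) on a constructed three-application terminal, as an added example that is not part of the patent: per-application QoS loss is the sum of the loss values of its revoked permissions, and the feasible revocation set leaving the lowest total risk is found by exhaustive search. The loss values, sensitivities, application names and both thresholds are constructed; the patent does not fix a solver.

```python
from itertools import combinations

# Per-permission nonlinear sensitivities as step 203 would produce them (constructed).
NL_SENS = {"LOCATION": 4.2, "SEND_SMS": 3.3, "CONTACTS": 7.0, "CAMERA": 1.3, "WIFI": 1.0}

# Installed applications, the permissions each holds, and the service-quality loss value
# (integer percent, to keep threshold comparisons exact) that revoking the permission from
# that application would cause. The patent derives this value from revocation statistics
# across similar applications; the numbers here are constructed.
APPS = {
    "navigation": {"LOCATION": 90, "WIFI": 50, "CAMERA": 20},
    "payment": {"CAMERA": 80, "SEND_SMS": 60},
    "weather": {"LOCATION": 70, "SEND_SMS": 30, "CONTACTS": 10},
}

SYSTEM_LOSS_LIMIT = 150  # "second threshold": cap on the system service-quality loss value
SPREAD_LIMIT = 80        # "third threshold": max - min per-app loss must stay below this


def app_risk(app, revoked=frozenset()):
    """Step 301-style risk of one application: nonlinear sensitivities of retained permissions."""
    return sum(NL_SENS[p] for p in APPS[app] if (app, p) not in revoked)


def total_risk(revoked=frozenset()):
    return sum(app_risk(a, revoked) for a in APPS)


def app_loss(app, revoked):
    """Step 302: application QoS loss = sum of the loss values of its revoked permissions."""
    return sum(loss for p, loss in APPS[app].items() if (app, p) in revoked)


def satisfies_constraints(revoked):
    """Both constraints of step 303 / claim 7."""
    losses = [app_loss(a, revoked) for a in APPS]
    return sum(losses) <= SYSTEM_LOSS_LIMIT and max(losses) - min(losses) < SPREAD_LIMIT


def optimal_configuration():
    """Step 303: search the configuration space for the feasible set of (app, permission)
    revocations that leaves the lowest total risk; ties go to fewer revocations.
    Exhaustive search is fine for a phone-sized permission list; the patent fixes no solver."""
    pairs = [(a, p) for a, perms in APPS.items() for p in perms]
    best, best_risk = frozenset(), total_risk()
    for k in range(1, len(pairs) + 1):           # smaller revocation sets are visited first
        for combo in combinations(pairs, k):
            revoked = frozenset(combo)
            if not satisfies_constraints(revoked):
                continue
            risk = total_risk(revoked)
            if risk < best_risk - 1e-9:           # strict improvement keeps the smaller set on ties
                best, best_risk = revoked, risk
    return best, best_risk


if __name__ == "__main__":
    revoked, risk = optimal_configuration()
    print(f"risk {total_risk():.2f} -> {risk:.2f} after revoking:")
    for app, perm in sorted(revoked):
        print(f"  {app}: {perm}")
    print("system QoS loss:", sum(app_loss(a, revoked) for a in APPS))
```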
Fig. 3 shows a privacy leakage risk assessment device provided in an embodiment of the present invention, comprising a sensitivity acquisition module 40, a nonlinear sensitivity acquisition module 50 and an assessment module 60, wherein:
the sensitivity acquisition module 40 quantises the ratio at which users revoke a permission as the sensitivity of the sensitive information managed by that permission, constructs common permission combinations, and obtains the combination sensitivity of each common permission combination from the sensitivity;
the nonlinear sensitivity acquisition module 50 obtains the difference between the ratio at which a common permission combination appears in malicious applications and the ratio at which it appears in normal applications, obtains the combination nonlinear sensitivity of the common permission combination from that difference and the combination sensitivity, and obtains from the combination nonlinear sensitivity the permission nonlinear sensitivity of each permission in the combined state;
the assessment module 60 obtains the privacy leakage risk value of each service provider from the permissions requested by the service provider in the installed applications and the permission nonlinear sensitivities, and obtains the overall privacy leakage risk value of the applications from the privacy leakage risk values of all service providers.
In this embodiment the device further comprises an optimal permission configuration module 70, which sets the constraints that the system service quality loss value does not exceed a preset second threshold and that the difference between the maximum and minimum application service quality loss values is less than a preset third threshold, and configures the optimal permission allocation scheme under these constraints.
Fig. 4 is a schematic diagram of the physical structure of an electronic device provided in an embodiment of the present invention. As shown in Fig. 4, the electronic device may comprise a processor 810, a communications interface 820, a memory 830 and a communication bus 840, where the processor 810, the communications interface 820 and the memory 830 communicate with one another through the communication bus 840. The processor 810 can call a computer program stored in the memory 830 and runnable on the processor 810 to execute the privacy leakage risk assessment method provided by the embodiments described above, which for example comprises:
S1: quantise the ratio at which users revoke a permission as the sensitivity of the sensitive information managed by that permission, construct common permission combinations, and obtain the combination sensitivity of each common permission combination from the sensitivity;
S2: obtain the difference between the ratio at which the common permission combination appears in malicious applications and the ratio at which it appears in normal applications, obtain the combination nonlinear sensitivity of the common permission combination from that difference and the combination sensitivity, and obtain from the combination nonlinear sensitivity the permission nonlinear sensitivity of each permission in the combined state;
S3: obtain the privacy leakage risk value of each service provider from the permissions requested by the service provider and the permission nonlinear sensitivities, and obtain the overall privacy leakage risk value of the applications from the privacy leakage risk values of all service providers in the applications.
In addition, the logic instructions in the memory 830 may be implemented in the form of software functional units and, when sold or used as an independent product, may be stored in a computer-readable storage medium. On this understanding, the technical solution of the embodiments of the present invention, or the part of it that contributes over the prior art, may be embodied in the form of a software product stored in a storage medium and including several instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to execute all or part of the steps of the methods of the embodiments of the present invention. The storage medium includes any medium that can store program code, such as a USB flash disk, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disc.
An embodiment of the present invention also provides a non-transitory computer-readable storage medium on which a computer program is stored; when executed by a processor, the computer program carries out the privacy leakage risk assessment method provided by the embodiments described above, which for example comprises:
S1: quantise the ratio at which users revoke a permission as the sensitivity of the sensitive information managed by that permission, construct common permission combinations, and obtain the combination sensitivity of each common permission combination from the sensitivity;
S2: obtain the difference between the ratio at which the common permission combination appears in malicious applications and the ratio at which it appears in normal applications, obtain the combination nonlinear sensitivity of the common permission combination from that difference and the combination sensitivity, and obtain from the combination nonlinear sensitivity the permission nonlinear sensitivity of each permission in the combined state;
S3: obtain the privacy leakage risk value of each service provider from the permissions requested by the service provider and the permission nonlinear sensitivities, and obtain the overall privacy leakage risk value of the applications from the privacy leakage risk values of all service providers in the applications.
An embodiment of the present invention also discloses a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to carry out the privacy leakage risk assessment method described above, which for example comprises:
S1: quantise the ratio at which users revoke a permission as the sensitivity of the sensitive information managed by that permission, construct common permission combinations, and obtain the combination sensitivity of each common permission combination from the sensitivity;
S2: obtain the difference between the ratio at which the common permission combination appears in malicious applications and the ratio at which it appears in normal applications, obtain the combination nonlinear sensitivity of the common permission combination from that difference and the combination sensitivity, and obtain from the combination nonlinear sensitivity the permission nonlinear sensitivity of each permission in the combined state;
S3: obtain the privacy leakage risk value of each service provider from the permissions requested by the service provider and the permission nonlinear sensitivities, and obtain the overall privacy leakage risk value of the applications from the privacy leakage risk values of all service providers in the applications.
In summary, the privacy leakage risk assessment method and device provided in the embodiments of the present invention focus on the case where a third-party service provider obtains privacy information without the user's knowledge. By collecting and analysing user permission-setting samples and quantifying the sensitivity of the privacy information managed by each permission, the association between permissions and privacy is made more definite, so that a personalised permission management scheme can be tailored more accurately for the user. The sensitivity of permissions is quantified from the difference between the malicious application set and the normal application set, with particular attention to the nonlinear effect of permission combinations on privacy leakage. By balancing service quality against privacy protection, a system-wide permission management scheme that reduces the risk of privacy information leakage can be provided while a high quality of service is guaranteed for the user.
The device embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; they may be located in one place or distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment, which those of ordinary skill in the art can understand and implement without creative effort.
Through the description of the embodiments above, those skilled in the art can clearly understand that each embodiment may be implemented by means of software plus a necessary general hardware platform, and of course also by hardware. On this understanding, the technical solution above, or the part of it that contributes over the prior art, may be embodied in the form of a software product stored in a computer-readable storage medium such as a ROM/RAM, a magnetic disk or an optical disc and including several instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to execute the methods described in the embodiments or in certain parts of the embodiments.
Finally, it should be noted that the embodiments above are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that the technical solutions recorded in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents, without such modifications or replacements taking the essence of the corresponding technical solutions outside the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1. A privacy leakage risk assessment method, characterised in that it comprises:
quantising the ratio at which users revoke a permission as the sensitivity of the sensitive information managed by that permission, constructing common permission combinations, and obtaining the combination sensitivity of each common permission combination from the sensitivity;
obtaining the difference between the ratio at which the common permission combination appears in malicious applications and the ratio at which it appears in normal applications, obtaining the combination nonlinear sensitivity of the common permission combination from the difference and the combination sensitivity, and obtaining from the combination nonlinear sensitivity the permission nonlinear sensitivity of each permission in the combined state;
obtaining the privacy leakage risk value of each service provider from the permissions requested by the service provider and the permission nonlinear sensitivities, and obtaining the overall privacy leakage risk value of the applications from the privacy leakage risk values of all service providers in the applications.
2. The privacy leakage risk assessment method according to claim 1, characterised in that, before quantising the ratio at which users revoke a permission as the sensitivity of the sensitive information managed by that permission, the method further comprises:
identifying the dynamic libraries of service providers in applications by a feature extraction method, and filtering out all service providers that can obtain permissions in them;
counting all permissions that each service provider obtains from multiple applications.
3. The privacy leakage risk assessment method according to claim 1, characterised in that constructing common permission combinations specifically comprises:
collecting a normal application set and a malicious application set, where the normal application set is a set of applications whose requested permissions are consistent with their actual functions, the malicious application set is a set of applications requesting more than a set number of sensitive permissions, and the sensitive permissions are permissions related to user privacy information;
mining common permission combinations from the permissions requested by each application in the normal application set and the malicious application set by an association rule method; computing the support of each permission combination, the support being the ratio at which the permission combination occurs in the normal application set or the malicious application set; and selecting the permission combinations whose support exceeds a preset first threshold as the common permission combinations.
4. The privacy leakage risk assessment method according to claim 1, characterised in that obtaining the combination sensitivity of each common permission combination from the sensitivity specifically comprises:
summing the sensitivities of the permissions in the common permission combination to obtain the permission combination sensitivity of the common permission combination.
5. The privacy leakage risk assessment method according to claim 1, characterised in that obtaining from the combination nonlinear sensitivity the permission nonlinear sensitivity of each permission in the combined state specifically comprises:
in each common permission combination, distributing the combination nonlinear sensitivity to the corresponding permissions according to the weight each permission has in the common permission combination, to obtain the initial permission nonlinear sensitivity of each permission;
obtaining the average of a permission's initial permission nonlinear sensitivities over all common permission combinations, and taking it as the permission nonlinear sensitivity of that permission.
6. The privacy leakage risk assessment method according to claim 1, characterised in that, after obtaining the overall privacy leakage risk value of the applications, the method further comprises:
taking the ratio at which each permission of an installed application is revoked in similar applications as the permission service quality loss value, summing the permission service quality loss values of all revoked permissions of the installed application to obtain the application service quality loss value, and summing the application service quality loss values of all applications to obtain the system service quality loss value.
7. The privacy leakage risk assessment method according to claim 6, characterised in that, after obtaining the overall privacy leakage risk value of the applications, the method further comprises:
setting constraints: the system service quality loss value does not exceed a preset second threshold, and the difference between the maximum and minimum application service quality loss values is less than a preset third threshold;
configuring the optimal permission allocation scheme under the constraints.
8. A privacy leakage risk assessment device, characterised in that it comprises:
a sensitivity acquisition module, for quantising the ratio at which users revoke a permission as the sensitivity of the sensitive information managed by that permission, constructing common permission combinations, and obtaining the combination sensitivity of each common permission combination from the sensitivity;
a nonlinear sensitivity acquisition module, for obtaining the difference between the ratio at which the common permission combination appears in malicious applications and the ratio at which it appears in normal applications, obtaining the combination nonlinear sensitivity of the common permission combination from the difference and the combination sensitivity, and obtaining from the combination nonlinear sensitivity the permission nonlinear sensitivity of each permission in the combined state;
an assessment module, for obtaining the privacy leakage risk value of each service provider from the permissions requested by the service provider and the permission nonlinear sensitivities, and obtaining the overall privacy leakage risk value of the applications from the privacy leakage risk values of all service providers in the applications.
9. An electronic device comprising a memory, a processor and a computer program stored in the memory and runnable on the processor, characterised in that the processor, when executing the program, implements the steps of the method according to any one of claims 1 to 7.
10. A non-transitory computer-readable storage medium on which a computer program is stored, characterised in that the computer program, when executed by a processor, implements the steps of the method according to any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title
---|---|---|---
CN201811377272.8A CN109753808B (en) | 2018-11-19 | 2018-11-19 | Privacy leakage risk assessment method and device
Publications (2)
Publication Number | Publication Date
---|---
CN109753808A true CN109753808A (en) | 2019-05-14
CN109753808B CN109753808B (en) | 2020-09-11
Legal Events
Date | Code | Title | Description
---|---|---|---
| PB01 | Publication |
| SE01 | Entry into force of request for substantive examination |
| GR01 | Patent grant |